Teaching Scheme
Computer Security Topic 1
Name: Introduction to Computer Security and Security Trends
Knowledge Category
Example/s of category
Teaching methodology
FACT
Security
Use appropriate example of security (security guards in college gate)
CONCEPT
Assets
Show any peripheral device of a computer or network (hard disk)
Viruses
Corrupted Files in pen drive
Terrorists
News, Videos of terrorist attack like 26/11 attack
Malware
Use any appropriate example: malicious code transferred through mobile phones while sharing data (Bluetooth) among people
Confidentiality, Integrity, Availability, Accountability
Use any appropriate example – email
Risk
PRINCIPLE
PROCEDURE
Application
and
Use any appropriate example – person having large amount of cash in travelling
Security Attacks
CIA Model
Use example of a hacker trying to attack any email account
Use any appropriate PPT
Risk Analysis
Use any appropriate PPT or Video
Steps in Attack
Online application
Learning Resources: Books:
PPT
Online Shopping and Online Banking
Lecture No.
1
Topic/ Subtopic to be covered
Why focus on Security? – “Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page No 1
(E.g. securing precious items against theft, such as gold, money, or a student's mark sheet.)
Definition of Computer Security “Computer Security” by Dieter Gollman Chapter 2, Page No 18
Why security is important (need of security) – “Cryptography and Network Security” by Atul Kahate, Chapter 1, Page No 1
E.g. confidential defense information saved on a government department's computer
Basics of computer security – C, I, A Model
Confidentiality - “Computer Security” by Dieter Gollman Chapter 2, Page No 20
Integrity - “Computer Security” by Dieter Gollman Chapter 2, Page No 21
Availability - “Computer Security” by Dieter Gollman Chapter 2, Page No 22
Accountability - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
Non-repudiation - “Computer Security” by Dieter Gollman Chapter 2, Page No 23
* Draw pyramid model of CIA
Web Site - http://it.med.miami.edu/x904.xml
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram
2
Examples of applications where security is important, e.g. a bank where locker facility is provided
Challenges in security – the different barriers in security, e.g. a person trying different ways to crack the password of a computer
Models of security
3
Define Risk – “Computer Security” by Dieter Gollman Chapter 1, Page No 13
4
What are Assets, Vulnerabilities and Threats – “Computer Security” by Dieter Gollman Chapter 1, Page No 10, 11 (a hard disk is an asset)
Formula for calculation of Risk – “Computer Security” by Dieter Gollman Chapter 1, Page No 10
PPTs - www.cs.uiuc.edu/class/sp07/cs498ia/slides/CS46106.RiskAnalysis.ppt
What is Quantitative & Qualitative Risk Analysis – “Computer Security” by Dieter Gollman Chapter 1, Page No 13
Countermeasures to mitigate the risk – “Computer Security” by Dieter Gollman Chapter 1, Page No 14
Web Site – http://www.digitalthreat.net/2009/06/threat-vs-vulnerability-vs-risk/
5
What is Threat – Definition
What are the different categories of Threats
Definition of Virus and Worms – Differentiate between them
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 7
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 16, 18
Different types of Viruses – Life Cycle of Viruses (Draw Diagram)
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 16 to 18
Define Intruders & Insiders – Differentiate between them (Give real life example or any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 7, 8
Web Sites –
http://www.f-secure.com/en/web/labs_global/threat-types
http://support.kaspersky.com/viruses/general/614
http://peterhgregory.wordpress.com/2009/03/14/security-basics-definitionsof-threat-attack-and-vulnerability/
6
Who is Criminal Organization – what is their purpose (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Who are Terrorists – what are their aims/goals (any movie example)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Information Warfare
Why there is need of Information Warfare
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 9
Avenues of Attacks (Example of any Criminal Activity)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 11
Steps in Attack – How an attack can happen in any organization, like a bank robbery
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 1, Page no 12
7
What is Attack – Definition of attack
Active and Passive Attack – Differentiate between them, Classification of passive and active attacks
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page no 12 to 15
Denial of Service Attack (DoS & DDoS)
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 400
Web Site - http://www.slideshare.net/chintanjpatel/unit-1-33882940
8
Backdoor, Trapdoors
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 403
Sniffing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 404
Spoofing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 405, 406
Encryption Attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 410
Web Site –
https://www.parkbank.com/about/security/computer-security
http://vickyvikramaditya1.blogspot.in/2011/08/sniffing-and-spoofing.html
PPT –
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=4&cad=rja&uact=8&sqi=2&ved=0CD8QFjAD&url=http%3A%2F%2Fwww.pcs.cnu.edu%2F~dgame%2Fcs446Gen%2Ftopics%2FSniffing%2FSniffing.PPT&ei=5WKhU7a2E4OiugTag4CACQ&usg=AFQjCNE2f2hwh4vf1vWecSJh8I8D47Wy0g&bvm=bv.69137298,d.c2E
9
Man-in-middle attack
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 408
Replay Attack
TCP/IP Hacking
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 409
Web Site – http://careerride.com/Networking-replay-attacks.aspx
PPT –
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=14&cad=rja&uact=8&ved=0CF0QFjAN&url=http%3A%2F%2Fcsc.columbusstate.edu%2Fsummers%2Fnotes%2Fcs557%2F3mf%2FReplayAttacks.ppt&ei=S2OhU9T8GdGdugTCyoLQBw&usg=AFQjCNG0tQwkXUxg0-6LnH-_ZzDNqSHlzw&bvm=bv.69137298,d.c2E
10
Definition of Malware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 415
Various categories of Malware
What is Virus and Logic Bombs
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 15, Page no 418
Web site –
http://www.malwaretruth.com/the-list-of-malware-types/
http://www.kaspersky.co.in/internet-security-center/threats/malwareclassifications
Topic 2
Name: Authentication and Operational Security Objectives
Knowledge Category
Example/s of category
Teaching methodology
FACT
People
Use appropriate example of people- Internet Users
Password
Show appropriate example - create password to authenticate user for PC or laptop, or password for enrollment of admission
Use appropriate example - (iris) retina scan in Aadhaar Card office
Example - Login screen
Biometrics
CONCEPT
Managing Password
Example-Cash withdrawal at ATM
Role of People
Example - Changing PIN of ATM user
Use appropriate PPTs
PRINCIPLE
Choosing a password
APPLICATION
Individual Responsibilities Thumb Reader
Use Appropriate example of Biometric like Attendance System using Thumb
Learning Resources:
Books:
Title:
1) “Cryptography and Network Security” by Atul Kahate, Publisher – Tata McGraw Hill
2) “Computer Security” by Dieter Gollman, Publisher – Wiley India
3) “Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Publisher - Tata McGraw Hill
Teaching Aids: Black Board, PPTs, Transparencies, Reference Book, Notes.
PPTs: Preferably prepare PPTs containing
https://depts.washington.edu/...security/your_role_information_secur.ppt
http://www.slideshare.net/vidita123/biometrics-final-ppt
Lecture No.
1
Topic/ Subtopic to be covered
Introduction to Operational Security
Understand meaning - role of people
What is password?
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 3 “Operational and Organizational Security”
*Note- Conclude the lecture with Block keywords & definitions and suitable diagram
Introduction to terms - Identification, Authentication & Operational Security
To understand role of people in security
“Cryptography and Network Security” by Atul Kahate, Chapter 7, Pg. nos 271-73
2
3
4
User Name & Password
“Computer Security” by Dieter Gollman, Chapter 3, Pg. no 36
How to choose & manage password?
“Computer Security” by Dieter Gollman, Chapter 3, Pg. nos 37, 38, 39
To understand what the threats are while creating passwords.
Introduction to terms - Identification, Authentication
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. no 262
Describe different areas where security comes into picture.
“Cryptography and Network Security” by Atul Kahate, Chapter 1, Page No 1 to 3
5
Discuss role of people in security
Password Selection
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 72
Piggybacking
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 73
Shoulder Surfing
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 70
Dumpster Diving
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 74
6
Installing Unauthorized Software/Hardware
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. nos 74, 75
Access by Non-employee
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 75
Security Awareness
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 76
Individual User Responsibilities
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 4, Pg. no 77
Examples of role of people using suitable techniques.
http://www.slideshare.net/Clarice_Wilson/atm-frauds-and-solutions
7
Define Access Control
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. no 268
Discuss their principles & policies
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. no 269
Types of Access controls
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin Dwayne, Chapter 11, Pg. nos 269, 270
8
9
Introduction to Biometrics
Types of Biometrics
10
Types of Biometrics & examples
Finger prints
Hand print
Retina Patterns
Voice Patterns
Signature & Writing Patterns
Keystrokes
“Computer Security Principles & Practices” by William Stallings, Lawrie Brown, Chapter 3, Pg. nos 92 to 97
PPT:
http://www.slideshare.net/vidita123/biometrics-final-ppt
Topic 3
Name: Cryptography
Knowledge Category
Example/s of category
Teaching methodology
FACT
Plaintext
Use example of Plaintext – human language (message: “welcome to third year diploma”)
Show that any message is codified by using a KEY
Key
Cipher Text
CONCEPT
Cryptography, Cryptanalysis, Cryptology
Encryption
Decryption
Private Key
Alphabet “A” codified by key “3” to alphabet “C”
Show example of codified message like “ABC” is coded to “CDE”
Use appropriate example to show the converting of plaintext to cipher text and vice-versa.
Show example of encoding plaintext to cipher text: E.g. “Computer” to “retupmoc”
Show example of decoding cipher text to plaintext: E.g. “retupmoc” to “Computer”
Show example of key which needs to be kept secret: E.g. door key of own house or password of
Lecture No.
1
Topic/ Subtopic to be covered
Introduction to Cryptography
“Computer Security” by Dieter Gollman, Chapter 11, Page No 186
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page No 83
Definition of Cryptography, Cryptanalysis and Cryptology
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 38-39
Identify and describe the types of cryptography
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page No 84
What is Plain text and Cipher Text?
Plain text and Cipher text - “Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 40-41
Website
http://en.wikipedia.org/wiki/Cryptography
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm
PPT – http://www.sce.uhcl.edu/yang/teaching/csci5931netSecuritySpr05/nsech02a.ppt
2
What is Substitution Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41
State different types of substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 42
Define Caesar cipher. Explain with example.
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 41-43
Working principle of mono-alphabetic substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 44-46
How poly-alphabetic technique is different from mono-alphabetic
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 47
Drawbacks of Substitution technique
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 48-54
Website http://www.cimt.plymouth.ac.uk/resources/codes/codes_u1_text.pdf
PPTs sce.uhcl.edu/yang/public/Modules/.../Substitution%20Ciphers.ppt
3
What is Transposition Technique?
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54
Working principle of rail fence technique with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-55
Working principle of Simple Columnar with example
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 54-58
What is Steganography? State its advantages and disadvantages
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 73-74
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, Page 101-103
Website http://www.cs.man.ac.uk/~banach/COMP61411.Info/CourseSlides/Wk1.2.Classical.pdf
PPTs - www.eecis.udel.edu/~mills/teaching/eleg867b/crypto_slides/ch02.ppt
4
Define Encryption. Show a block diagram of encryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59
Define Decryption. Show a block diagram of decryption
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 59-62
State the sketch of Symmetric key cryptography and the problem of Key Distribution
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 62-71
Website: http://www4.ncsu.edu/~kksivara/sfwr4c03/lectures/lecture9.pdf
PPTs - cs.ecust.edu.cn/~yhq/course_files/security/topic2.ppt
5
Name the algorithms used for Symmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 100
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, Page 91-94
Conceptual working of DES along with diagram
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 101
“Computer Security” by Dieter Gollman, Chapter 11, Page No 199-202
Processing steps in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 2, Page No 102-103
Website: http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf
PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt
6
Details of each step in DES Algorithm along with block diagram
a) What happens in the Initial Permutation (IP)
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 102-103
b) Details of one Round in DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 103
i. Step 1 - Key transformation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104
ii. Step 2 - Expansion permutation
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 104-105
iii. Step 3 - S-Box Substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 105-108
iv. Step 4 - P-Box substitution
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 108-109
v. Step 5 - XOR and swap
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 109-110
c) Variation of DES
“Cryptography and Network Security” by Atul Kahate, Chapter 3, Page No 111
Website
http://cs.ucsb.edu/~koc/cs178/docx/w04x-des.pdf
https://www.google.co.in/search?q=des%20algorithm&tbm=isch&ei=LGWmU8m1MtaD8gWpnYKwAQ#facrc=_&imgdii=_&imgrc=GRgKBo8qM0iufM%253A%3BXIxHOqkYyDZ7mM%3Bhttp%253A%252F%252Fi1.ytimg.com%252Fvi%252FiayDUAGu9Ec%252Fhqdefault.jpg%3Bhttp%253A%252F%252Fwww.youtube.com%252Fwatch%253Fv%253DiayDUAGu9Ec%3B480%3B360
PPTs - islab.csie.ncku.edu.tw/course/slide/ch_06.ppt
7
What is Asymmetric key cryptography?
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 154-156
Compare Symmetric key cryptography and Asymmetric key cryptography
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 161
Introduction to Digital Signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 165-166
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5 Cryptography, Page 106-107, 126, 130
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195
Website
http://www.icg.isy.liu.se/courses/tsit03/forelasningar/cryptolecture08.pdf
http://technet.microsoft.com/en-us/library/cc962021.aspx
PPTs - http://www.slideshare.net/rohitbhatta/introduction-to-digital-signatures
8
Basis of Digital signature
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 166-167
“Computer Security” by Dieter Gollman, Chapter 11, Page No 194-195
Basis for Hashing Concept
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page 87-89
“Computer Security” by Dieter Gollman, Chapter 11, Page No 192-194
http://technet.microsoft.com/en-us/library/cc962016.aspx
Message digest
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 5, Page 90
“Cryptography and Network Security” by Atul Kahate, Chapter 4, Page No 167-196
Web Site –
http://www.cs.iit.edu/~cs549/lectures/CNS-5.pdf
http://www.cs.uiuc.edu/class/fa07/cs498mmp/slides/TFC-F07-Lect15.pdf
https://www.entrust.com/wp-content/uploads/2013/05/cryptointro.pdf
http://technet.microsoft.com/en-us/library/cc962033.aspx
Topic 4
Name: Computer Security Technology and Intrusion Detection
Knowledge Category
Example/s of category
Teaching methodology
FACT
Attack
Use appropriate example to show how an attacker attacks computer security, e.g. an attack on a particular personal computer to obtain a bank account number.
Show an attacker trying to enter from a weak entry point or bypass the security level, e.g. illegally accessing a particular bank account to transfer money
Intrusion
E.g. a thief trying to enter through a window or door
Standard Protocols
CONCEPT
Firewall
Virtual Private Network
Kerberos
Use appropriate example, e.g. file transfer – FTP
Use appropriate example to show firewall mechanism, e.g. compound wall for a building, barrier on road sides, restricted access to a particular website in college
Use appropriate example to show private communication over a public network, e.g. walkie-talkie in the Army for communicating between soldiers.
Use appropriate ppt to show
Lecture no
1
Topic/ Subtopic to be covered
Introduction to Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 247
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 435-436
Definition of Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 247
Need for Firewall in computer security and network
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 436
Characteristics of a Good Firewall
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 437
Types of Firewall and Firewall policies
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 437
“Computer Security” by Dieter Gollman, Chapter 13, Page No 248, 249
Limitations and problems in Firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 250
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 452
Website
http://www.dis.uniroma1.it/~alberto/didattica/cns-slides/firewalls.pdf
http://www.cs.iit.edu/~cs549/slides/chapter-14.pdf
PPT www.cs.kau.se/cs/education/courses/dvgc03/p4/Firewalls.ppt
2
Working of packet filtering in firewall
“Computer Security” by Dieter Gollman, Chapter 13, Page No 248
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 438
Working of Application gateway
“Computer Security” by Dieter Gollman, Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 441
Working of Circuit level gateways
“Computer Security” by Dieter Gollman, Chapter 13, Page No 249
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 442
Implementation of Firewall and Firewall configuration
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 448-451
Website: http://www.interpole.net/interpole/products/firewall/interwall/details
3
Introduction to VPN
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 469
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Page No 283
VPN Architecture
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 470-472
Types of VPN
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 472
Website http://ptgmedia.pearsoncmg.com/images/1587051796/samplechapter/1587051796content.pdf
PPT www.csun.edu/~vcact00f/311/termProjects/.../VPNpresentation.ppt
4
Introduction to Kerberos
“Computer Security” by Dieter Gollman, Chapter 12, Page No 219-221
Relation of Kerberos with Authentication
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264
5
How does Kerberos work
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 263-264
“Cryptography and Network Security” by Atul Kahate, Chapter 7, Page No 372-377
“Cryptography and Network Security” by William Stallings, Chapter 14, Page No 412-413
Website:
http://cs.brown.edu/cgc/net.secbook/se01/handouts/Ch09-Kerberos.pdf
http://www.cs.kent.edu/~farrell/grid06/lectures/KERBEROS.pdf
http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
https://www.google.co.in/search?q=kerberos+authentication&espv=2&source=lnms&tbm=isch&sa=X&ei=BOimU6HJCNCQuASPr4C4BQ&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=IuJfsiiiaao9WM%253A%3BRh0gI3z74Tb68M%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252Fimage%252Fkrbmsg.gif%3Bhttp%253A%252F%252Fwww.zeroshell.org%252Fkerberos%252FKerberos-operation%252F%3B638%3B532
6
State different types of Security topology
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 206-207
What are Security Zones
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 218-221
How the DMZ works
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 219
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 451-452
Working of VLAN
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 9, Page No 222
Website
https://www.google.co.in/search?q=Security+zone&espv=2&source=lnms&tbm=isch&sa=X&ei=oeimU6vMMdeeugTzloJA&ved=0CAYQ_AUoAQ&biw=1024&bih=634#facrc=_&imgdii=_&imgrc=mJa95BMkxqnx_M%253A%3BI06ak8wtCiM2M%3Bhttp%253A%252F%252Fi.msdn.microsoft.com%252Fdynimg%252FIC11169.gif%3Bhttp%253A%252F%252Fmsdn.microsoft.com%252Fenus%252Flibrary%252Fcc507438(v%253Dvs.85).aspx%3B451%3B399
http://www.cse.wustl.edu/~jain/cis788-97/ftp/virtual_lans/
PPT - www.cc.gatech.edu/classes/AY2014/cs4270.../4270-vlan-tutorial.ppt
7
What are Intruders? State their three types
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 472-473
“Computer Security” by Dieter Gollman, Chapter 13, Page No 251
Basics of Intrusion Detection System
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 473-474
“Computer Security” by Dieter Gollman, Chapter 13, Page No 252
Types of IDS
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 474-475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 253
Three Logical Components of IDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 321
Honey pots
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 475
“Computer Security” by Dieter Gollman, Chapter 13, Page No 254
Websites http://www.ee.tamu.edu/~reddy/ee689_04/pres_sumitha_james.pdf
PPT - www.cs.utexas.edu/users/ygz/395T-01F/reading/arun.ppt
8
What is Host based IDS? Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 474-475
What is Network Based IDS? Show its Components
“Computer Security” by Dieter Gollman, Chapter 13, Page No 253
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 323
“Cryptography and Network Security” by Atul Kahate, Chapter 13, Page No 475
State Advantages of NIDS and Disadvantages of NIDS
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 13, Page No 32
PPT - www.cs.northwestern.edu/~ychen/classes/msit458-f11/ids.ppt
9
Why Email security standard is required?
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 307-308
Working Principle of SMTP along with its diagram
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 308-310
What is PEM?
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 310-311
State Four Operations in PEM
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 311-312
Describe each Step in PEM Operation in detail
“Cryptography and Network Security” by Atul Kahate, Chapter 6, Page No 311-314
Website: http://www.hydtechwriter.com/what-is-simple-mail-transfer-protocol-smtp/
PPT - www.cs.huji.ac.il/~sans/students_lectures/PEM.ppt
10
Describe PGP
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 16, Page No 433
How PGP Works
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 314-315
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 16, Page No 433
State step-wise Operation in PGP
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 315-316
What is S/MIME? Describe working principle of S/MIME
“Cryptography and Network Security” by Atul Kahate, Chapter 6 Internet Security Protocol, Page No 322-326
11
Introduction to IP Security
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 452-453
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
Overview of IPSec along with its Applications and advantages
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 454-455
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 485-486
2 types of IPSec Protocol
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 455-457
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 486-487
Draw the format of AH Header in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 459-463
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 494-496
Draw the format of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 464-465
“Computer Security” by Dieter Gollman, Chapter 13, Page No 239
“Cryptography and Network Security” by William Stallings, Chapter 16, Page No 498-500
Website:
http://securityweekly.com/presentations/IPSEC.pdf
http://technet.microsoft.com/en-us/library/cc776369(v=ws.10).aspx
https://sc1.checkpoint.com/documents/R76/CP_R76_VPN_AdminGuide/13847.htm
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html
12
What is Security Association
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 284-285
What is IPSec Configuration
“Principles of Computer Security: CompTIA Security+ and Beyond” by Wm. Arthur Conklin, Chapter 11, Page No 285-286
Describe the Transport and Tunnel Modes of AH Header in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 463
Describe the Transport and Tunnel Modes of ESP in IPSec
“Cryptography and Network Security” by Atul Kahate, Chapter 9, Page No 464-466
Website:
http://www.isaserver.org/articles-tutorials/articles/IPSec_Passthrough.html
http://www.deepsh.it/networking/IPSec.html
https://techlib.barracuda.com/display/bngv52/how+to+create+an+ipsec+vpn+tunnel+between+the+barracuda+ng+firewall+and+a+pfsense+firewall
http://flylib.com/books/en/3.190.1.135/1/
https://training.apnic.net/docs/eSEC03_IPSec_Basics.pdf
PPT - www.cs.northwestern.edu/~ychen/classes/mitp-458/ipsec.pp
Topic 5
Name: IT Act and Cyber Law
Knowledge Category
Example/s of category
Teaching methodology
FACT
File
Use appropriate example of any Software File like DOC, PPT or EXE file
Act
Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act
Crime
Use appropriate example of Crime For example – Internet Fraud, any Criminal Activity or Hacking Computer System
Law
CONCEPT
Cyber Crime
Hacking & Cracking
Piracy
Investigation
Use appropriate example of Indian Government Law like Murder Law etc.
Use any appropriate PPT
Use any appropriate example of Hacking like Facebook hacking etc.
Use any appropriate example like Software Piracy, CD Piracy etc.
Use any appropriate
Lecture No.
1
Topic/ Subtopic to be covered
PPTs
What is Data Recovery
What is Computer File - Reasons for data loss
Procedure to recover deleted file from FAT & NTFS partition
What is Partitioning in Computer System – Types of Partitions
Reasons for partition damage
Formatted Partition Recovery Procedure (FAT / NTFS)
Data Recovery Categories & different Tools available
Procedure of Data Recovery & Ethics
http://www.aboutpartition.com/types-of-hard-drive-partitions/
http://www.recuperationdedonneesperdues.com/data-recovery
http://www.robertuniverse.com/introduction-to-data-recovery/
http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm
http://transparen.com/data-protection-group/data-recovery-ethics
2
What is Cyber Crime
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 181
Different Types of Cyber Crime
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 182
What is Hacking & Cracking – Types of Hackers
Virus & its attacks
Define terms – Pornography, Software Piracy
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 174
PPTs –
http://www.slideshare.net/aemankhan/cybercrimeppt-27376284
https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.cyberseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm=bv.69411363,d.c2E
3
4
Intellectual Property – Copyright & Industrial Property
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 7, Page no 166
http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/wipo_pub_450.pd
Which are different types of legal Systems & its laws
Define term – Mail Bombs, Bug Exploits
Cyber Crime Investigation – its procedure
PPTs –
http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final
http://www.slideshare.net/tabrezahmad/cybercrime-investigation
http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime
Need of Cyber Law & What is Cyber Law
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 184 & 187
IT Act 2000 - Objectives, Scope, Provisions, Advantages & Disadvantages
“Information Security and Cyber Laws” by Saurabh Sharma, Chapter 8, Page no 185
IT Act 2008 – Modification in IT Act 2000, Characteristics
PPTs
http://www.slideshare.net/YogendraWagh/it-act-ppt-1111
http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_presentation
http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761
Topic 6
Name: Application and Web Security
Knowledge Category
Example/s of category
Teaching methodology
FACT
Standard Protocols
Demonstrate with
SSL,TLS
suitable Chart
Web security threats
CONCEPT
Hotfix Patch Upgrades
Small section of code designed to fix problems Ex- Any work done on Windows 2000 is targeted at the next service pack and hotfixes are built against the existing available base.
Lecture No.
1
Topic/ Subtopic to be covered
What is application hardening ? What is Patches? What is Web security? “Principles of Computer Security CompTIA Security +and beyond” by WM.Arthur Conklin Chapter-14 pg.nos-373 to 378
2
How web server works? What is active Directory? Web security threats Web security approaches
3
Working of SSL, TLS
i. "Cryptography & Security" by C. K. Shyamala, N. Harini, Dr T R Padmanabhan, Chapter-11, Pg. nos 358 to 391
ii. "Cryptography & Network Security" by Atul Kahate, Chapter-6, Pg. nos 218 to 231
PPT www.smsvaranasi.com/KMC/kmc_ppt/islc/SET.ppt
4
Working of SET
i. "Cryptography & Security" by C. K. Shyamala, N. Harini, Dr T R Padmanabhan, Chapter-11, Pg. nos 391 to 415
ii. "Cryptography & Network Security" by Atul Kahate, Chapter-6 "Internet Security Protocols", Pg. nos 231 to 251
PPT euclid.barry.edu/~zuniga/courses/cs477/SET.ppt
Information Security Topic 1
Name: Introduction security & Model
Knowledge Category
Example/s of category
FACT
Security
CONCEPT
PRINCIPLE
Teaching methodology
Use appropriate example of security – security guards outside office Ex: Students data that is Data details through which you can easily find out any student. Three pillars of Use any appropriate PPT and example – email information security Confidentiality, Integrity, Availability Information security CIA principles
Learning Resources: Books: “Principles of Information Security” By Whitman Publisher - Cengage india “Information System Security” by Godbole Nina Publisher - John Wiley “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Publisher – Pearson “Information Security & Cyber Laws” by Saurabh Sharma Publisher Vikas Publishing House Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides(PPTs), Reference books, notes, LCD projector/OHP Projector PPTs- PPT with Sample: Preferably prepare PPTs containing(Keyword in Google search:- “ppt for event classification in information security” Select “ 2nd Link”) www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt
Websites https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt
Lecture No.
Topic/ Subtopic to be covered
1
2
Define Security – Example of Security Guard Define Information – Example like Student / Employee Data What is the need of information? – Area where information is used Why information is important? – what are the advantages of Information in day to day life “Principles of Information Security” By Nina Godbole Chapter -5 Note – Summarize the key points & definitions of Topic Example of application where information is important Example: Governments, commercial businesses, and individuals are all storing information electronically - compact, instantaneous transfer, easy access Ability to use information more efficiently has resulted in a rapid increase in the value of information Define Information Security “Principles of Information Security” By Nina Godbole Chapter -1 Page No 1 to 5
PPT 3
4
5
6
7
8
iii. https://www.cs.duke.edu/courses/summer04/cps001/.../Lecture15.ppt
How is information classified? Which criteria are required for classification of information – List various criteria “Principles of Information Security” By Nina Godbole Chapter -5 Page No 76 to 80
What is the need for security? Why is information security important? “Principles of Information Security” By Nina Godbole Chapter -1 Page No 2,3
Basic principles of information security – Show Pyramidal Model of CIA
Confidentiality - Authorized users should be able to access information
Integrity - Authorized users should be able to modify information
Availability - whether authorized users or host should be available
Which are pillars of Information security? Demonstrate with diagram “Principles of Information Security” By Nina Godbole Chapter -5 Page No 73 to 75
What is data obfuscation? Example for data obfuscation “Principles of Information Security” By Nina Godbole Chapter -5 Page No 81, 82
Event classification “Principles of Information Security” By Nina Godbole Chapter -5 Page No 83 to 85
PPT iv. www.oic-ci.gc.ca/eng/DownloadHandler.ashx?...security.ppt
Topic 2
Name: Information Security Architecture and Model
Knowledge Category
Example/s of category
Teaching methodology
FACT
Information
Use example like Data
Security
CONCEPT
Management
Use appropriate example of Management – College management system etc.
Standards
Use appropriate examples like ISO standard
Guidelines
Policy
PROCEDURE
Use appropriate examples like Guidelines of writing paper, experiments etc. Use appropriate examples like Password Selection Policy
Confidentiality Model
Use appropriate examples like belief in relationship Use appropriate PPTs &
Integrity Model
examples
Trust PRINCIPLE
Use appropriate example of security – security guards
Evaluation Criteria – Use appropriate PPTs & TCSEC
examples Department of Defense (India/U.S.)
Learning Resources:
Books:
“Information System Security” by Godbole Nina Publisher - John Wiley
“Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Publisher – Pearson
Teaching Aids: Black board, Chalk, Transparencies, Power point presentation slides (PPTs), Reference books, notes, LCD projector/OHP Projector
Lecture No.
Topic/ Subtopic to be covered
1
What is Information Security, Why Information Security (Revision) Definition of Risk Management o Use suitable example like organization, College etc. Components of Risk Management o Diagram of Components & explain each component Web Site – http://demop.com/articles/what-is-information-security.pdf http://www.investopedia.com/terms/r/riskmanagement.asp http://www.whatisriskmanagement.net/ https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1& cad=rja&uact=8&ved=0CBsQFjAA&url=http%3A%2F%2Fwww.specialoly mpics.bc.ca%2Fsites%2Fdefault%2Ffiles%2FSanctioning%2520%2520Risk%2520Management.doc&ei=MFOlU4WRO9CVuATUtoDoCw& usg=AFQjCNF6CfirRE9Si7HfgGcz0KoL2HLzuA&bvm=bv.69411363,d.c2 E PPts – https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8& cad=rja&uact=8&sqi=2&ved=0CDoQFjAH&url=http%3A%2F%2Fwww.ju st.edu.jo%2F~tawalbeh%2Faabfs%2Fiss6753%2Fpresentations%2FRMP.ppt &ei=ZlOlU8SkE9CKuATpzYDoCg&usg=AFQjCNHFQFBF90DQB0kiin7e EJr1zoDvHA&bvm=bv.69411363,d.c2E How to Identify Risk Calculation of Risk – Show formula for calculation of Risk Quantitative & Qualitative Risk Analysis – Give comparison with example “Information System Security” by Nina Godbole Chapter No 6, Page no 92,93 “Computer Security” by Dieter Gollman Chapter 2, Page No 26 “Information System Security” By Nina Godbole What is Security Policy – Types of Policies “Information System Security” by Nina Godbole Chapter No 4, Page no 57, 58 What is Guidelines & Standards – o Give example like Guidelines for Online exam etc. o Give example like ISO etc. “Information System Security” by Nina Godbole Chapter No 4, Page no -61 Web Site – http://www.pearsonitcertification.com/articles/article.aspx?p=418007&seqN um=5
2
3
4
5
Trusted Computing Base (TCB)- Definition, Features & Elements “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -118 What is Ring of Trust – Use diagram “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -119 Ring of Trust for Stand-alone systems & for Network environment o Use diagram “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -120, 121 Web Site – http://searchsecurity.techtarget.com/definition/trusted-computing-base http://link.springer.com/chapter/10.1007/978-3-642-04831-9_10#page-1 PPTs – https://wiki.engr.illinois.edu/download/attachments/183272958/trustelements-and-examples.pdf?version=1&modificationDate=1318426648000 What is Protection mechanisms o Use example like Antivirus, CCTV cameras etc. Different Protection Mechanisms in TCB– Prepare Chart “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -121 to 123 Process Isolation Principles of least privilege Hardware Segmentation Layering Abstraction Data Hiding
6
7
Information Storage – Prepare the Chart & display Primary & Secondary Storage Real & Virtual Memory Random Memory Sequential Storage Volatile Memory Closed & Open System Multitasking, Multiprogramming & Multiprocessing System Finite State Machine
Web Site – http://www.cl.cam.ac.uk/~rja14/policy11/node22.html#SECTION00049000000000000000
PPTs https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7&cad=rja&uact=8&ved=0CEAQFjAG&url=http%3A%2F%2Fwww.aast.edu%2Fpheed%2Fstaffadminview%2Fpdf_retreive.php%3Furl%3D373_23865_CR415_2011_1__1_1_merkow_ppt_05.ppt%26stafftype%3Dstaffcourses&ei=gFilU6PwJtiXuAT99oLQCQ&usg=AFQjCNGWq3ilHnruRPVVKLYpuqxTUWGRA&bvm=bv.69411363,d.c2E
System Security Assurance Concepts
ii. Functional & Assurance Requirement
iii. Goals of Security Testing
iv. Formal Security Testing Models
“Principles of Information Security” By Nina Godbole Chapter -5 Page No 83 to 85
8
What is Trusted Computer Security Evaluation Criteria (TCSEC) “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -125 Purpose of TCSEC Classes of Divisions of TCSEC Prepare Chart for use of Divisions and Classes “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -126, 127 c) Division D d) Division C – Class C1 & Class C2
9
e) Division B – Class B1,Class B2, Class B3 f) Division A – Class A1 “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Chapter No 5 Page No -127, 128, 129 Web Site – http://www.cse.psu.edu/~tjaeger/cse443-s12/docs/ch12.pdf http://www.boran.com/security/tcsec.html
10
What is Information Technology Security Evaluation Criteria (ITSEC) “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -129 Comparison of ITSEC & TCSEC “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -130 ITSEC Purposes & Assurance Classes – E0 to E6 o Prepare chart for description of E0 to E6 Web Site – http://www.iwar.org.uk/comsec/resources/standards/itsec.htm http://www.newstaff.com/criteria/itsec/levels/index.html http://www.cse.dcu.ie/essiscope/sm2/beyond/itsec.html
11
What is Confidentiality & Integrity Model – Different Models “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -141, 142 Bell-LaPadula Model Biba Integrity Model “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Chapter No 5
12
Web Sites – http://www.digitalthreat.net/2010/05/information-security-models-forconfidentiality-and-integrity/ PPTs https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=8& cad=rja&uact=8&ved=0CEUQFjAH&url=http%3A%2F%2Fwww.cs.gsu.ed u%2F~cscyqz%2Fcourses%2Faos%2Fslides09%2Fch8.3-Fall09XiaoChen.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNF75f57UF6r4d CxBVAEZVSPZEJHzw&bvm=bv.69411363,d.c2E https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=10 &cad=rja&uact=8&ved=0CFEQFjAJ&url=http%3A%2F%2Fwww.etcs.ipfw .edu%2F~steffen%2FITT%2FOld-PP%2FChapter%25205Network%2520SecurityITT.ppt&ei=01ylU80n1J66BM6TgLgD&usg=AFQjCNFsMY6g2X8tr2dPvo mZbaIldMrVvg&bvm=bv.69411363,d.c2E Advanced Models- Definition and Use “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt” Chapter No 5, Page No -142 vi. Clark &Wilson Model vii. Noninterference Model viii. State Machine Model ix. Access Matrix Model x. Information Flow Model Web Sites – http://www.commondork.com/2010/05/16/bell-la-padula-biba-andclark-wilson-security-models/ http://crypto.stanford.edu/~ninghui/courses/Fall03/papers/landwehr_s urvey.pdf
Topic 3
Name: Cryptography
Knowledge Category
Example/s of category
Teaching methodology
FACT
Plaintext
Use example of Plaintext–Human language understandable by Sender and receiver.
Key (message:“welcome to third year diploma”) Cipher Text
Show any message is Codified by replacing or reposting. KEY is “3” Alphabet A Codified by key “3” to Alphabet “C” Show example of codified message like MOUSE is code to “UEMOS”
CONCEPT
Cryptography, Cryptanalysis
Use appropriate example to show the converting of plaintext to cipher text and vice-versa – “In war times message is cryptograph and sent in order to protect from enemy.”
Encryption
Decryption
Private Key
Public Key
Show example of encoding plaintext to cipher text: e.g. “Computer” to “retupmoc”
Show example of decoding cipher text to plaintext: e.g. “retupmoc” to “Computer”
Show example of key which needs to be kept secret:
Lecture No.
Topic/ Subtopic to be covered
1
Introduction to Data Encryption Technique “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 11
What is Cryptography? – Draw diagram “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 13-14
What is Cryptanalysis? “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 14-15
Application of Cryptography “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 14-15
Website
http://en.wikipedia.org/wiki/Cryptography
http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
http://cs.stanford.edu/people/eroberts/cs181/projects/dvd-css/cryptography.htm
Classical Encryption Technique used by Sender and Recipient
2 “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 11
State 2 types of Encryption Methods? “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 12
iii. Give various components of Symmetric Encryption And Decryption
Process – Use Diagram “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 12-13
Website: http://www.apprendre-en-ligne.net/crypto/bibliotheque/PDF/Kwang.pdf
PPT – 1.
https://www.cs.purdue.edu/homes/ninghui/.../526_Fall12_topic02.ppt
3 iv. Define Substitution Cipher
“Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 15 v. Working principle of Caesar cipher “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 15-16
Ex: message “MOUSE” CODED MSG: UEMOS vi. State advantage and disadvantages of Caesar Cipher “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 16 vii. Working principle of Monoalphabetic cipher “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 16-17
Website http://www.math.uic.edu/CryptoClubProject/CCpacket.pdf
PPT –
https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt
4
1. Working principle of Playfair cipher – Show example “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 17-19
2. Hill cipher – Show example “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 19-21
Website http://www.ling.ohio-state.edu/~cbrew/2008/spring/playfair.pdf
PPT https://www.uop.edu.jo/material/1843212812010.ppt
5
a) Define Transposition cipher. State its 2 types “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 26-27
b) How Row transposition cipher works – Use example “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 26-27
Website 6
http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less05.html a) Working principle of One Time Pad – Give example & Solve it “Cryptography and Information Security” by V.K.Pachghare , Chapter-2, Page No 24
PPT
https://www.cs.usfca.edu/~brooks/S03classes/cs486/lectures/lecture-3.ppt
7
b) What is Steganography? – Flow diagram “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 28
Uses of Steganography “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 28
Steganography and security “Cryptography and Information Security” by V.K.Pachghare, Chapter-2, Page No 28
Website
8
http://arxiv.org/ftp/arxiv/papers/0912/0912.2319.pdf Introduction to Digital Signatures,
“Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no -204
Implementation of Digital Signature o Use Flow diagram for explanation “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no -206 Association of Digital signature and Encryption “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no -206
Website http://www.youdzone.com/signature.html http://www.infosec.gov.hk/english/itpro/public_main.html
9
What are Digital Signature Algorithm “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 208
Working Principle of Various Digital Signature Algorithm “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 209-212
Website a) http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf
10
Authentication Protocols – List different Protocols “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 214
11
What is Digital Signature Standards “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 213
Website
12
http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf http://courses.cs.tamu.edu/pooch/665_spring2008/Australian-sec-2006/less19.html Give Application Digital Signature Standards “Cryptography and Information Security” by V.K.Pachghare Chapter 10 page no 213-214
Website http://www.cs.haifa.ac.il/~orrd/IntroToCrypto/online/fips_186-3.pdf
Topic 4
Name: Data Recovery and Cyber Security
Knowledge Category
Example/s of category
Teaching methodology
FACT
File
Use appropriate example of any Software File like DOC, PPT or EXE file
Act
Use appropriate example of any Government Ragging Act 2009 or any related IT Act or IPC Act, Copyright Act
Crime
Use appropriate example of Crime For example – Internet Fraud, any Criminal Activity or Hacking Computer System
Law
CONCEPT
Cyber Crime Hacking & Cracking
Piracy
Investigation
PROCEDURE
Use any appropriate example of Hacking like Facebook hacking etc. Use any appropriate example like Software Piracy, CD Piracy etc Use any appropriate example of investigation bureau
Cyber Law
Use any appropriate PPT or example like IT Act 1961 etc. Use any appropriate PPT
IT Act 2000, 2008
Use any appropriate PPT
Data Recovery Tools
Use
IT Act
PRINCIPLE
Use appropriate example of Indian Government Law like Murder Law etc Use any appropriate PPT
any
appropriate
Freely available tool like -
Lecture No. 1
Topic/ Subtopic to be covered
PPTs
2
What is Data Recovery
What is Computer File - Reasons for data loss
Procedure to recover Deleted file from FAT & NTFS Partition
What is Partitioning in Computer System – Types of Partitions
Reasons of Partition damage o List out the reasons
Formatted Partition Recovery Procedure (FAT / NTFS)
http://www.aboutpartition.com/types-of-hard-drive-partitions/
http://www.recuperationdedonneesperdues.com/data-recovery
http://www.robertuniverse.com/introduction-to-data-recovery/
http://psonlinehelp.equallogic.com/V4.2/Content/AdminNewBook/AdminNew_recover.htm
Data Recovery Categories
Different Tools available for Windows etc. – List of various freely available tools on Internet
Procedure of Data Recovery – Give step wise example
Data Recovery Ethics
Website a) http://pcsupport.about.com/od/filerecovery/tp/free-file-recoveryprograms.htm b) http://transparen.com/data-protection-group/data-recovery-ethics
3
What is Cyber Crime “Information Security and Cyber Laws” by Saurabh Sharma Chapter 8 Page no 181 Different Types of Cyber Crime o Use tree diagram for Types of Cyber Crime “Information Security and Cyber Laws” by Saurabh Sharma Chapter 8 Page no 182 PPTs – http://www.slideshare.net/aemankhan/cybercrimeppt-27376284 https://www.google.co.in/url?sa=t&rct=j&q=&esrc=s&source=web&cd=7& cad=rja&uact=8&sqi=2&ved=0CEIQFjAG&url=http%3A%2F%2Fwww.cy berseminar.cdit.org%2Fpdf%2F09_02_09%2Floknath.ppt&ei=kceiU_aJ9OHuATko4BA&usg=AFQjCNGmpx90JfvtJWuJde2U7XfLaVF7Zg&bvm =bv.69411363,d.c2E
4
What is Hacking & Cracking – Types of Hackers Virus & its attacks – List types of attacks like Dos, DDos… Define terms – Pornography, Software Piracy o Use example like CD Piracy etc. “Information Security and Cyber Laws” by Saurabh Sharma Chapter 7 Page no 174 Website – a) http://www.legalservicesindia.com/articles/cyhac.htm b) http://evestigate.com/cyber-crime-hacker-terms-to-know/
5
What is Intellectual Property Copyright, Patents Industrial Design Rights Trademark – Use example like logo of MSBTE etc. What is Industrial Property “Information Security and Cyber Laws” by Saurabh Sharma Chapter 7 Page no 166 Define term – Mail Bombs, Bug Exploits Website – a) http://www.wipo.int/export/sites/www/freepublications/en/intproperty/450/ wipo_pub_450.pdf
6
7
PPTs – http://www.slideshare.net/mahmoodttc/intellectual-property-ppt-final Which are different types of legal Systems & its laws Cyber Crime Investigation – its procedure Website http://www.slideshare.net/tabrezahmad/cybercrime-investigation http://www.scribd.com/doc/94789254/Ppt-on-Investigation-Method-ofCyber-Crime Need of Cyber Law “Cyber Crimes and related Laws” by Saurabh Sharma Chapter 8 Page no 184 & 187 What is Cyber Laws – Definition of Cyber Law “Cyber Crimes and related Laws” by Saurabh Sharma Chapter 8 Page no 184 PPTs http://www.slideshare.net/Arnab_Roy_Chowdhury/cyber-law-15036761
8 IT Act 2000- Objectives, Scope, Provisions, Advantages & disadvantages “Information Security and Cyber Laws” by Saurabh Sharma Chapter 8 Page no 185
o List out the Chapters IT Act 2008 – Modification in IT Act 2000, Characteristics o List out the Chapters
PPT – http://www.slideshare.net/YogendraWagh/it-act-ppt-1111 http://www.powershow.com/view1/268863ZDc1Z/Information_Technology_Act_2000_v_s_2008_powerpoint_ppt_pre sentation
Topic 5
Name: Access, Physical Control and Compliance Standards
Knowledge Category
Example/s of category
FACT
Identification
CONCEPT
Use any physical mark of identification example like Green color eyes . Use appropriate example Biometrics of Biometrics – Thumb impression used in attendance system of Physical access control college. Use example of Door Security system or Digital Locker –Thumb impression is used to open lock etc. Compliance Standards Acting according to certain accepted standard .Eg like ISO standard Authorization
Authentication
Framework
PRINCIPLE
Teaching methodology
Kerberos Model
Specifying access rights to particular resources Eg: human resources staff is normally authorized to access employee records. It includes formalized as access control rules in a computer system. Accepting proof of identity given by a credible person examples like College ID card or Employee ID, Passport Structure of Computer System Use example of Software frameworks include support programs, compilers, code libraries, tool sets, and API User appropriate PPTs &
Lecture No.
Topic/ Subtopic to be covered
1
What is Identification? – Use example like Photo ID card “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Chapter 10 Page No 234
Define Authorization? State its features “Principles of Information Security” by Michael E. Whitman, Herbert J. Mattord Chapter 6 Page no 249
What is Authentication? “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Chapter 10 Page No 234
State features of Biometrics? – Use example like Thumb Reader etc. “Information Security Principles and Practices” by Mark Merkow & Jim Breithaupt Chapter 10 Page No 241
Give various element involved in Biometrics System – Show diagram “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 241
How Single Sign- on works? – Use diagram “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 242
Website – http://www.cyberciti.biz/faq/authentication-vs-authorization/ http://www.cse.iitk.ac.in/users/biometrics/pages/what_is_biom_more.h http://www.biometrics.gov/ PPT – www.cse.fau.edu/~security/public/BiometricsPresentation.ppt https://www.owasp.org/.../OWASPSanAntonio_2006_08_SingleSignO n.
2
Describe Kerberos Model? o Use various servers used in Kerberos o Draw diagram “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 243 Show relation of Kerberos with Authentication Ex: Student is allowed to enter in Library hall by checking College ID and entering name in Register and Verify by Librarian or any other suitable examples “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 243
How Remote Access works? “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 247 Remote user access and Authentication “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 10 Page No 247 Website: a) http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx b) http://www.google.co.in/imgres?imgurl=&imgrefurl=http%3A%2F%2Fwww.codep roject.com%2FArticles%2F27554%2FAuthentication-in-web-services-using-C-andKerbero&h=0&w=0&tbnid=qv2CJmNFmv7QYM&zoom=1&tbnh=186&tbnw=27 0&docid=IGaJwLDTXe1FmM&tbm=isch&ei=GeoU_3TCZKgugS8r4LwCQ&ved=0CAIQsCUoAA c) https://software.intel.com/sites/manageability/AMT_Implementation_and_Referenc e_Guide/default.htm?turl=WordDocuments%2Fintroductiontokerberosauthenticatio n.htm
PPT: a) www.obscure.org/~jafitz/250_p1/Kerberos.ppt b) www.isi.edu/~annc/classes/grid/lectures/sivaLecture.ppt
3 What is Physical access control? Ex: Use example of Door Security system or Digital Locker –Thumb impression is used to open lock etc “Principles of Information Security” by By Michael E. Whitman , Herbert J. Mattord Chapter 9 Page no 400 a) What are threat invoked in Physical access “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 8 Page No 195. a) Need for Physical Security “Information System Security” by Nina Godbole Chapter 7 Page No 101
Website – http://www.cdn.com/securitysystemPhysical.aspx 4
b) What is Physical Security – example like wall, security dogs, safety doors etc. “Information System Security” by Nina Godbole Chapter 7 Page No 102 c) How to provide physical security “Information Security Principles and Practices” by Mark Merkov & Jim Breithaupt Chapter 8 Page No 197, 198
Website – http://www.cdn.com/securitysystemPhysical.aspx 5
Define Compliance in general term What is Compliance Standard Implementing and Information Security Management System (ISMS) “Information System Security” by Nina Godbole Chapter 4 Page No 64 and Chapter 23Page No 424 Website: www.oxforddictionaries.com/definition/english/compliance http://www.immusec.com/en/implementation-information-securitymanagement-system https://www.aiche.org/ccps/topics/elements-process-safety/commitmentprocess-safety/compliance-standards/introduction
6
ISO 27001“Information System Security” by Nina Godbole Chapter 22 Page No 400
ISO 20000 “Information System Security” by Nina Godbole Chapter26 Page No 470 BS25999
PCI DSS “Information System Security” by Nina Godbole
Website
www.iso.org/iso/home/standards/management-standards/iso27001.htm www.iso27001security.com http://www.standards.org/standards/listing/iso_20000
https://www.pcisecuritystandards.org/security_standards/ http://www.securityassessment.com/files/presentations/PCI_DSS_Presentation_0107.pdf https://www.set.or.th/.../BCM%20with%20PWC%2027%20April%20v3.
PPT
7
www.ermantaskin.com/bcm/BS25999_ERMAN_TASKIN.ppt
How ITIL frameworks help the IT organization? “Information System Security” by Nina Godbole Chapter26 Page No 470
Website http://www.itil-officialsite.com/AboutITIL/WhatisITIL.aspx http://www.best-management-practice.com/gempdf/itil_the_basics.pdf
PPT a) https://www.ok.gov/OSF/documents/ITILOverview.ppt b) www.chakarov.com/powerpoints/itilv3overview.ppt
8
How COBIT framework works in IT organization “Information System Security” by Nina Godbole Chapter 22 Page No 400 and Chapter 25 Page No 449 Website: a) http://www.isaca.org/cobit/documents/cobit-5-introduction.pdf b) http://www.counterpoint.co.za/pages/cobit.htm c) http://www.isaca.org/COBIT/Documents/COBIT5-Ver2-FrameWork.pdf ppt: a) www.isaca.org/cobit/documents/cobit5-introduction.ppt b) https://www.vpit.ualberta.ca/frameworks/ppt/cobit_introduction.pp